{ "id":"/axapi/v3/waf/template/{name}/form-protection", "type":"object", "node-type":"scalar", "title":"form-protection", "partition-visibility":"shared", "description":"Web form protection", "properties":{ "enable-disable-action":{ "type":"string", "format":"enum", "default":"enable", "partition-visibility":"shared", "description":"'enable': Enable web form protections (default); 'disable': Disable web form protections; ", "enum":[ "enable", "disable" ], "optional":true }, "csrf-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Tag the form to protect against Cross-site Request Forgery", "optional":true }, "field-consistency-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Form input consistency check", "optional":true }, "password-check-non-masked":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check forms that have a password field with a textual type, resulting in this field not being masked", "optional":true }, "password-check-non-ssl":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check forms that has a password field if the form is not sent over an SSL connection", "optional":true }, "password-check-autocomplete":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check to protect against server-generated form which contain password fields that allow autocomplete", "optional":true }, "form-check-non-ssl":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check whether SSL is used for request with forms", "optional":true }, "form-check-caching":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable caching for response with forms", "optional":true }, "form-check-non-post":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check whether POST is used for request with forms", "optional":true }, "form-check-request-non-post":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check whether POST is used for request with forms", "optional":true }, "form-check-response-non-post":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check whether form method POST is used for response with forms", "optional":true }, "form-check-response-non-post-sanitize":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Change form method GET to POST (Use with caution: make sure server application still work)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true } } }